[Fixture] 添加authentication

a3252c93 · ibuler · e757e742 · a3252c93 · a3252c93 · a3252c93
Commit a3252c93 authored Feb 22, 2017 by ibuler
Showing with 52 additions and 38 deletions

app.py luna/app.py +4 -5

authentication.py luna/authentication.py +26 -29

conf.py luna/conf.py +8 -1

models.py luna/models.py +12 -0

views.py luna/views/views.py +2 -0

run_server.py run_server.py +0 -3

No files found.
--- a/luna/app.py
+++ b/luna/app.py
@@ -17,13 +17,13 @@ __version__ = '0.4.0'
 class Luna(Flask, AppMixin):
-    default_config = config
    app_service = None
    clients = {}
    def bootstrap(self):
-        self.app_service = AppService(app_name=self.config['NAME'],
+        self.app_service = AppService(
-                                      endpoint=self.config['JUMPSERVER_ENDPOINT'])
+            app_name=self.config['NAME'],
+            endpoint=self.config['JUMPSERVER_ENDPOINT'])
        self.app_auth()
        while True:
            if self.check_auth():
@@ -32,10 +32,8 @@ class Luna(Flask, AppMixin):
            else:
                logging.warn('App auth failed, Access key error or need admin active it')
            time.sleep(5)
-        self.heatbeat()
    def run(self, host=None, port=None, debug=None, **options):
-        # self.bootstrap()
        print(time.ctime())
        print('Luna version %s, more see https://www.jumpserver.org' % __version__)
        print('Starting ssh server at %(host)s:%(port)s' % {'host': self.config['BIND_HOST'],
@@ -52,5 +50,6 @@ class Luna(Flask, AppMixin):
 async_mode = 'threading'
 app = Luna(__name__, template_folder='dist')
+app.config.update(**config)
 socket_io = socketio.Server(logger=True, async_mode=async_mode)
 app.wsgi_app = socketio.Middleware(socket_io, app.wsgi_app)
--- a/luna/authentication.py
+++ b/luna/authentication.py
@@ -2,42 +2,39 @@
 # ~*~ coding: utf-8 ~*~
 # 
-from flask import g, request
+from flask import g, request, redirect
-from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth
+from functools import wraps, partial
+from jms import UserService
 from . import app
-token_auth = HTTPTokenAuth()
+def is_authenticate():
-basic_auth = HTTPBasicAuth()
+    pass
-auth = MultiAuth(token_auth, basic_auth)
-@basic_auth.verify_password
+def login_required(login_url=None):
-def verify_password(username, password):
+    if login_url is None:
-    return True
+        endpoint = app.config['JUMPSERVER_ENDPOINT']
-    user = app.user_service.login(username=username, password=password, remote_addr=request.remote_addr)
+        login_url = endpoint.rstrip('/') + '/users/login?next=' + request.url
-    if not user:
+        return partial(login_required, login_url=login_url)
-        g.current_user = None
-        return False
+    def decorate(func):
-    else:
+        @wraps(func)
-        g.current_user = user
+        def wrapper(*args, **kwargs):
-        return True
+            session_id = request.cookies.get('sessionid', '')
+            csrf_token = request.cookies.get('csrf_token', '')
+            if '' in [session_id, csrf_token]:
+                return redirect(login_url)
+            g.user_service = UserService.auth_from_session(session_id, csrf_token)
+            if g.user_service.is_authenticate():
+                return func(*args, **kwargs)
+            else:
+                return redirect(login_url)
+        return wrapper
+    return decorate
-@token_auth.verify_token
-def verify_token(token):
-    return True
-    if getattr(g, 'token') and g.token == token:
-        return True
-    else:
-        return False
-#@app.before_request
-#@auth.login_required
-#def before_request():
-#    print('Request start')
-#    if g.current_user is None:
-#        print('User is None')
-#        return unauthorized('Invalid credentials')
--- a/luna/conf.py
+++ b/luna/conf.py
@@ -4,11 +4,18 @@
 #
 import os
+import sys
 from six import string_types
 from werkzeug.utils import import_string
 # from . import PROJECT_DIR
 PROJECT_DIR = os.path.dirname(os.path.dirname(__file__))
+sys.path.append(PROJECT_DIR)
+try:
+    import config as custom_config
+except ImportError:
+    custom_config = object()
 class ConfigAttribute(object):
@@ -93,7 +100,7 @@ class Config(dict):
 config = Config()
-config.from_object(os.environ.get('LUNA_CONFIG_MODULE', object()))
+config.from_object(custom_config)
--- a/luna/models.py
+++ b/luna/models.py
+# ~*~ coding: utf-8 ~*~
+class User(object):
+    def __init__(self, profile):
+        for k, v in profile:
+            setattr(self, k, v)
+        self.sessionid = None
+        self.username = profile.get('username', 'Unknown')
+        self.name = profile.get('name', 'Unknown')
--- a/luna/views/views.py
+++ b/luna/views/views.py
@@ -2,6 +2,7 @@
 from .. import app
+from ..authentication import login_required
 from flask import render_template, send_from_directory
@@ -9,6 +10,7 @@ __all__ = ['index', 'luna', 'send_dist']
 @app.route('/')
+@login_required
 def index():
    return render_template('index.html')

--- a/run_server.py
+++ b/run_server.py
 #!/usr/bin/env python
 # ~*~ coding: utf-8 ~*~
-import os
 from luna import app
-os.environ.setdefault('LUNA_CONFIG_MODULE', 'luna.config')
 host = app.config['BIND_HOST']
 port = app.config['LISTEN_PORT']